|Internet Privacy Guide|
Don't Take Candy From Strangers
Padlock your E-Mail with PGP
Security on OS X
Feature: Protect Yourself Online
E-mail is about as private as undressing with your curtains open. You may think you're having a private moment, but the reality is quite different. The steamy love letter you sent to your sweetheart, the joke about your manager's new haircut, and the resume you sent to your company's competitor may all have passed under the eyes of your boss, as well as those of the systems supervisor and a few other unintended recipients. The fact is, thanks to modern technology and the approval of the courts, your employer can easily--and legally--keep tabs on everything that passes through your e-mail out-box at work. It's also not especially difficult for a hacker, your ISP's mail administrator, or a coworker to intercept and read your e-mail. Thankfully, you can shield private messages from public scrutiny. With some security know-how and our e-mail tips, you can fight off the Big Brothers of the world.
The Power and the Peril
To understand why your e-mail is vulnerable, you must first understand how your messages move through the Internet.
E-mail programs such as Microsoft's Outlook Express and Qualcomm's Eudora Pro give you a feeling of control over your correspondence. As the mail comes in, you organize it, delete some of it from your mailbox, and fire off replies to friends. Because this all happens in a matter of moments, you have the illusion of beaming your letter directly to the recipient's computer.
In most cases, however, your out-box is only the first of several stops the message takes before reaching your recipient's in-box. E-mail follows a routing process similar to the postal system's--only without the added protection of a sealed envelope. Each stop along the way offers an opportunity for prying eyes.
Assuming you've managed to wipe a message clean from your own computer, chances are a copy still lives on your recipient's hard drive. If you sent or received the message at work, your employer may have backup tapes containing your messages (whether the company has backed up your personal hard drive or not). And if you send and receive messages from home, your ISP probably has copies of your e-mail, because a responsible provider backs up its mail servers regularly. It's also possible for hackers to intercept the mail stream going to or from your ISP's servers. All of these copies are beyond your control.Protect Yourself Online
Whose Mail Is It, Anyway?
But why should you care if people are reading your e-mail? You probably don't transmit government secrets on a regular basis. In fact, most e-mail messages are simply routine correspondence with coworkers, family, and friends, of interest only to you and them (and sometimes not even to them!).
Although the spooks at the National Security Agency may not care about the racy joke you just forwarded to all of your coworkers and half of Michigan, your boss probably does. And if you're not careful, your next off-the-cuff rant or tasteless barb could land you right out of a job.
|Click here for Sidebar "Don't Take Candy from Strangers"|
A common concern of people new to e-mail is the threat of a computer virus hitching a ride on that incoming mail from Grandma. If this describes you, sit back and smile appreciatively at your Mac. For the most part, Mac users have little to worry about, as relatively few Mac viruses are circulating. This is because, like the majority of computer users, most of the pinheads who create computer viruses use Windows machines. Thus they write code that specifically exploits the soft underbelly of that platform. Because Windows programs don't run on the Mac OS, neither do most Windows viruses.
That's not to say you can't get a Mac virus by e-mail. It's possible--and like most viruses, it would come as a file attachment. Here are some tips for protecting your Mac from pesky, uninvited guests.
Fortunately, because of differences in the operating systems, the most vicious macro viruses have their worst effects on Windows machines. Although to date no one has discovered a macro virus on the Mac that will destroy data, it pays to be careful.
Many organizations use monitoring software to see how employees are using the company's computers and fast, expensive Internet connections. A wide variety of monitoring software is now on the market. Some simply monitors the frequency of e-mail and Internet use, looking for employees who may be spending too much time online. Other programs can scan messages for keywords such as sex or resume, saving any suspect messages for later review or even blocking them altogether. The practice is already common; a report by the American Management Association showed that nearly 30 percent of the companies it surveyed were monitoring e-mail in early 1999. As more and cheaper monitoring software becomes available, the likelihood that your employer will scrutinize mail increases.
Why would your company even bother to monitor your e-mail? To protect itself, for one thing: The company can be held liable for what you say if it gets sued for sexual harassment or job discrimination. Say you don't like an obnoxious coworker, and you e-mail some tasteless jokes about him to a friend in your company. A few years later, the obnoxious coworker gets fired and sues the company. His lawyer demands copies of all e-mail that mentions him, and next thing you know, your joking (if a bit mean-spirited) old message becomes exhibit A in the lawsuit as proof of a hostile work environment.
This isn't just theoretical; over the past several years, demand for e-mail records has become one of the primary requests in the discovery phase of lawsuits. Joe Kish, a partner at the law firm of Severson & Werson, teaches legal seminars on methods of electronic discovery. "People seem to drop their guard when they send e-mail," Kish comments. "It's become an incredible legal resource for both plaintiffs and defendants."
Examples abound. As we wrote this article, the U.S. Justice Department opened up a criminal investigation to determine whether the Clinton White House had deliberately withheld potentially embarrassing e-mail from congressional subpoenas. And Bill Gates knows all about e-mail messages returning from the electronic grave to haunt you. In the Microsoft antitrust trial, Department of Justice lawyers skillfully used old e-mail he wrote and received to undermine the credibility of his videotaped testimony. Interestingly, Gates and his correspondents wrote many of these messages after the government filed suit, showing how even someone as savvy as the Microsoft king thought of e-mail as ephemeral.
Keeping Your Mail Private
Although a responsible employer should inform its workers that it monitors e-mail, companies may or may not be legally required to do so, depending on the laws of the state where the company is located. The best way to avoid getting in trouble with e-mail is to be cautious about what you write when you're at work. Kish says, "Treat your e-mail as if it were as important as any other business correspondence. Don't let the ease and convenience of sending e-mail replace common sense."
At times, though, you may have a legitimate need to send out sensitive material such as client correspondence or business plans. You can protect the privacy of these messages, but it's going to take a little work.
The Web-based accounts also provide a degree of anonymity. When setting up your account, you select a user name. It doesn't have to be your real name--you could call yourself firstname.lastname@example.org or email@example.com. These services generally ask for your name and some address information, but they don't verify the data, so you could provide bogus information. Keep in mind, however, that many newsgroups object to the use of fake identities for posting messages.
Don't think that you're untraceable just because you haven't associated your real name with an account. When you send a message through Hotmail or Yahoo, the Web site places your computer's IP address (the identifying number that your system uses on the Internet) into the message header. Many work-based computers, as well as home computers with DSL or cable connections, have a fixed IP address that points directly to you. Even if your computer has a dynamic IP address (one that changes each time you log on to the Internet), your ISP can check its server logs to find out which user occupied a specific IP address when a particular message was sent.
You can send messages to a remailer using your regular e-mail program or through a Web interface, such as the one at the Anonymizer Web site ( http://www.anonymizer.com ).
Naturally, the downside to having all of your address information stripped off your messages is that the recipient has no way to respond. Also, the e-mail can take a long time to go through--one test message took more than a day. Keep in mind that remailers won't protect you from unintentionally identifying yourself through your writing style or subject matter.
|Click here for Sidebar "Padlock Your E-mail with PGP"|
Encryption gives you the highest possible level of privacy protection. One of the most popular encryption tools is PGP (Pretty Good Privacy). Used in conjunction with many popular e-mail programs, this freeware encryption package can provide everything you'll need to encrypt, authenticate, and decrypt your most sensitive correspondence. Our guide walks you through setting up and using PGP with Microsoft's Outlook Express 5.02; however, the process is similar with other e-mail programs.
|PGP Tool Kit After you install the PGP package, this encryption menu appears in your e-mail program.|
PGP can also affix a digital signature to documents you send. This allows recipients to verify that messages actually came from you, not an impostor. (For an explanation of how PGP works, see the sidebar " PGP Basics ".http://web.mit.edu/network/pgp.html
Before you can begin encrypting e-mail, you must first create your public and private keys. The PGP Key Generation Wizard, which launches when you install PGP, walks you through this process. When setting up your keys, you'll have to establish a pass phrase (which is like a password but should be longer and therefore more secure). Take great care here--if you forget your pass phrase, nobody in the universe can retrieve it for you. When you have the keys, upload your public key to one of the Internet's public-key servers so that others can use it to send you mail.
|Key Master The PGP Recipients window is your keyring for the public keys of all your regular correspondents. As you obtain public keys, just drag them into the PGP Recipients window to add them to your keyring.|
Next, you'll need to obtain the public keys of the people to whom you want to send encrypted messages. You can use the PGP Keys program to retrieve their keys from a key server, or each correspondent can send his or her public key to you in a plain-text e-mail message. To save public keys to your keyring, simply drag them into an open PGP Keys window. Now you are ready to send off your top-secret e-mail messages.
If you don't already have the recipient's public key on your keyring, the PGP Recipients dialog box appears (see the screen shot "Key Master"), prompting you to get the key over the Internet from the public key server. With the keys in place, PGP then encrypts the text and replaces the plain text with the ciphertext (see the screen shot "Secret Decoder"). Now click on Send Now.
|Secret Decoder This gibberish is actually the text of this article after encryption with a friend's public key. It's unreadable until the recipient unlocks it using his or her private key.|
Scrambling for Privacy
Perhaps you don't need absolute anonymity, but you don't want anyone except your intended recipient to read your e-mail. You may, after all, be exchanging confidential company information with your business partner. For cases like this, you should look into encryption software. Encryption scrambles plain-text messages using a mathematical algorithm, so that only the intended recipient can read them.
You'll find relatively weak cryptography in Aladdin Systems' DropStuff (831/761-6200, http://www.aladdinsys.com ). This shareware program lets you compress and encrypt one or more files or folders into an archive file using a password. If you're using Apple's $99 OS 9 (800/692-7753, http://www.apple.com ), you don't need DropStuff, as OS 9 includes a similar security feature for files. To use it, choose Encrypt from the File menu in the Finder and select a password.
Encryption strength is measured in bits--the more bits a cipher has, the tougher it is to crack. The protection factor in DropStuff is fairly low, with only 40-bit encryption. By comparison, the level of encryption in most online banking transactions is 128 bits. Still, 40-bit encryption will baffle all but the most determined and sophisticated code-crackers. One big drawback to both DropStuff and OS 9's encryption features is that they work only on files or folders; you can't encrypt individual e-mail messages unless you save them as file attachments. Also, you must agree on a password with the recipient before you send the encrypted archive. If you exchange this password in an unprotected e-mail message, you'll shoot a giant hole in your carefully constructed wall of security.
Another option is a Web-based encryption service. These allow you to encrypt e-mail, which your recipient can then pick up securely. For example, Ziplip ( http://www.ziplip.com ) lets you compose your message on its secure Web site; the service then encrypts the e-mail and stores it on the Ziplip server. Ziplip sends the e-mail to the recipient, announcing that he or she has a Ziplip message waiting, and provides a special URL for retrieving the mail. To pick up their messages, recipients can visit the Ziplip site, provided they're using a 128-bit secure browser such as Internet Explorer 5 or some versions of Navigator 4.7 and later. For added protection, Ziplip destroys messages 24 hours after they're read. Because someone else could intercept Ziplip's e-mail to your recipient, you can optionally use a password or phrase known only to you and the recipient.PGP Basics
You can download the software from MIT's PGP distribution page ( http://web.mit.edu/network/bgp.html ). When you install PGP, a new menu appears in most Mac e-mail programs--including Outlook Express, Eudora Pro, and Claris Emailer--that allows you to encrypt and decrypt mail messages. (See the sidebar "Padlock Your E-mail with PGP" for tips on using PGP with Outlook Express 5.) The free download includes separate programs that help you encrypt files or folders on your hard disk, manage encryption keys (bits of code that encrypt and decrypt files), and securely erase files you've thrown in the Trash.
However, you'll encounter some significant obstacles in using PGP. The first is the setup required. You have to generate your code keys, which identify you, and upload one of them to a public key server, where others can download your key and use it to send you messages. You also have to understand how the PGP system works before you can use it securely. It comes with a good manual, but the process is inherently complex and confusing--especially for cryptography newbies. And finally, encrypting and decrypting mail messages takes some extra steps. If you're transmitting sensitive business information or trying to conceal a love affair, you'll find the added effort worth the trouble. But for your average e-mail chatter, you probably shouldn't bother.
By the way, it's perfectly legal to use encryption software, although your employer may not want you to use it at work and can probably demand that you refrain.
The Last Word
As Bruce Schneier once said, "Security is a process, not a product." There's no quick and easy way to ensure that your e-mail messages stay strictly between you and your correspondents, but you can do a lot to protect yourself. Treat work e-mail as if your boss were going to shout your messages from the rooftops. Use alternative e-mail services or encryption when you need more privacy. And remember, sometimes it's easier (and safer) to pick up the phone or use registered mail. Still, with a little forethought and willingness to change how you deal with e-mail, you can speak your mind--with peace of mind.
Contributing Editor TOM NEGRINO's latest book is Quicken 2000 for Macintosh, Visual QuickStart Guide (Peachpit Press, 1999).
July, 2000 page: 72